trojanhttp://www.maclife.com/taxonomy/term/4024/all
enApple Issues Update to Identify New 'iWorm' Threathttp://www.maclife.com/article/news/apple_issues_update_identify_new_iworm_threat
<!--paging_filter--><p>Some Apple users experienced another big tech scare this weekend in the form of the so-called "iWorm" virus that reportedly affected more than 17,000 Macs worldwide (via <a href="http://news.drweb.com/show/?i=5976&amp;lng=en&amp;c=14" target="_blank">Doctor Web</a>), but just in time for Monday, most of the danger has passed. As <a href="http://www.macrumors.com/2014/10/04/iworm-malware-xprotect/" target="_blank">MacRumors</a> reports, Apple has already updated its Xprotect malware definitions to prevent it from being downloaded in the future.</p><p>The virus, known in full as Mac.BackDoor.iWorm, reportedly used searches for posts in a Reddit subreddit dedicated to server lists for the popular game Minecraft. Searching allowed the Reddit user responsible to gain the IP address of the person searching, as well as their Command and Control (CnC) network data.</p><p><img src="/files/u334114/2014/10/appleworm.jpg" width="620" height="464" /></p><p><strong>Source: <a href="http://sitoto.com/lovable-imagery-3d-abstract-hd-wallpaper-apple-eaten-by-worm-notebook-wallpaper/" target="_blank">Sitoto</a></strong></p><p>Apple's Xprotect itself has been around since the introduction of Mac OS X Snow Leopard and has been built into every iteration of OS X since, and it serves as a simple but effective malware detection service. Viruses and related vulnerabilities aren't that common for Mac machines, as as a result there's only around 40 entries listed after all that time. But while the service doesn't see that many updates, Mac machines (running OS X Snow Leopard and newer updates) run a search for them every day.</p><p>Still worried that you might be affected? Developer Jacob Salmela created <a href="http://jacobsalmela.com/roll-defense-mac-backdoor-iworm/" target="_blank">a handy guide</a> for figuring out if Mac.BackDoor.iWorm got to you.</p><p><em>Follow this article's writer, <a href="https://twitter.com/LeifJohnson" target="_blank">Leif Johnson</a>, on Twitter.</em></p>http://www.maclife.com/article/news/apple_issues_update_identify_new_iworm_threat#commentsNewsiWormMacMac.BackDoor.iWormOS XtrojanViruswormTue, 07 Oct 2014 00:16:56 +0000Leif Johnson20741 at http://www.maclife.comRansomware Masked as FBI Notice Targets OS X Usershttp://www.maclife.com/article/gallery/ransomware_masked_fbi_notice_targets_os_x_users
<!--paging_filter--><p>Remember when Apple's Mac OS was largely a niche system and the cyber thugs of the world largely left us alone? There were some good aspects about those days, as <a href="http://blog.malwarebytes.org/intelligence/2013/07/fbi-ransomware-now-targeting-apples-mac-os-x-users/" target="_blank">Malwarebytes </a>reminds us with a report of some nasty "ransomware" currently circulating through Macs that masquerades as an official FBI notice demanding $300. Trojans like these are old news for most Windows users, but they're unfamiliar enough on Macs that they might catch some users unaware. Worse yet, they also feed on contemporary fears about the monitoring of electronic devices by the NSA.</p><p>It certainly looks official, and it's largely (but not entirely) free of the little grammatical slips and typos that usually make these scams so identifiable. Fortunately, it's not even that dangerous, partially thanks to Apple's closed system. All it does is open up around 150 separate iframe windows with ominous messages like "You have been viewing or distributing Pornographic content" and--surely the coders in charge must be laughing at this one--"your computer may be infected by malware, thus you are violating the law on Neglectful Use of Personal Computer." There is no such law. Big Brother may be watching you, but we're still free to foul up our own computers as we please.</p><p><iframe src="//www.youtube.com/embed/Ip6tvti4UjU" width="620" height="465" frameborder="0"></iframe></p><p><strong>Source: <a href="http://blog.malwarebytes.org/intelligence/2013/07/fbi-ransomware-now-targeting-apples-mac-os-x-users/" target="_blank">Malwarebytes</a></strong></p><p>To clear the message, you're expected to pay $300 to the site, payable through GreenDot MoneyPak cards you can pick up at most gas stations. <strong>(Don't.)</strong> It's even designed to activate after certain popular searches: in one confirmed case, for instance, it popped up after a user searched for Taylor Swift on Microsoft's Bing image search. This isn't just a swipe at Apple enthusiasts using Bing--as <a href="http://venturebeat.com/2012/12/12/google-bing-search-xxx-porn/" target="_blank">VentureBeat reports</a>, ever since Google severely tightened the adult content revealed through its image search back in December, porn surfers have been flocking to Microsoft's search engine. According to Malwarebytes, the scam doesn't work on mobile devices.</p><p>In practice, all you really need to do in order to get rid of the windows is to close them individually, but the design of the service obviously hopes that users will tire of the process and give in and pay the money. According to the report, Safari's practice of reopening windows means that simply closing the app and restarting does little to nothing to resolve the issue for tech lightweights. As <a href="http://www.macrumors.com/2013/07/16/os-x-users-hit-by-ransomware-websites-posing-as-fbi-notices/" target="_blank">MacRumors</a> points out, you can get around this by holding down the Shift key as you restart Safari or simply by disabling the feature within Mac OS X's General tab in System Preferences. Considering that Malwarebytes apparently wasn't even aware of this simple step, that doesn't bode well for the many desktop and notebook owners who haven't taken the time to learn the ins and outs of their systems.</p><p><em> Follow this article's writer, <a href="https://twitter.com/LeifJohnson" target="_blank">Leif Johnson</a>, on Twitter.</em></p>http://www.maclife.com/article/gallery/ransomware_masked_fbi_notice_targets_os_x_users#commentsGalleryNewsFBIGreenDotMacmalwareMoneyPakOS XransomwaretrojanTue, 16 Jul 2013 22:41:08 +0000Leif Johnson17543 at http://www.maclife.comYontoo Adware Trojan is Infecting Macs, Here's How to Stop It http://www.maclife.com/article/news/yontoo_adware_trojan_infecting_macs_heres_how_stop_it
<!--paging_filter--><p>Earlier this afternoon, reports of a browser-based trojan infecting Mac OS X users started sprouting up around the internet. The malware installs itself as a plugin on browsers like Safari, Chrome, and Firefox. Now that we're all aware, you can avoid getting infected by taking some simple precautions. But what if Yontoo is already blowing up your browser with ads?</p><p style="text-align: center;"><img src="/files/u323900/yontoo4.png" alt="Yontoo Trojan" width="420" height="349" /></p><p>Thankfully, avoiding Yontoo is fairly easy. The trojan -- originally found by <a href="http://news.drweb.com/show/?i=3389&amp;lng=en&amp;c=14" target="_blank">Russian researchers at Doctor Web</a> -- gets into your browser after you click on a prompt to install a plugin on movie trailers, media players, or claims of "quicker" download times. After you've hit install, Trojan.Yontoo.1 generally installs a bogus program like "Twit Tube," and starts directing a barrage of web ads in your direction.&nbsp;</p><p>So, here's a good piece of advice: don't install questionable stuff from shady places. Like your mom used to say, "If you don't know where it came from, don't eat it."</p><p>But if by chance you were unlucky enough to get infected with Yontoo, there's still a simple way out. <a href="http://reviews.cnet.com/8301-13727_7-57575543-263/how-to-remove-yontoo-adware-trojan-from-your-os-x-system/" target="_blank">CNET has posted</a> a step-by-step guide on how to de-Yontoo your browser. Essentially, you just need to eradicate the plugin.&nbsp;</p><p>Remember that myth how Macs are never targets for viruses and malware? Wouldn't it be great if that was actually true? <a href="http://www.symantec.com/security_response/writeup.jsp?docid=2012-052923-1931-99" target="_blank">According to Symantec</a>, there's a Windows version of Yontoo as well, focused on Facebook ads.&nbsp;</p><p>&nbsp;</p><p><span style="font-style: italic;">Follow this article's author, </span><a style="font-style: italic;" href="http://www.twitter.com/clarkmatt" target="_blank">Matt Clark, on Twitter</a><span style="font-style: italic;">.</span></p> <p><em>Image Source: Doctor Web</em></p><p>&nbsp;</p>http://www.maclife.com/article/news/yontoo_adware_trojan_infecting_macs_heres_how_stop_it#commentsNewsadwareapplechromeFirefoxMacmalwareSafaritrojanVirusyontoo trojanThu, 21 Mar 2013 19:30:13 +0000Matt Clark16543 at http://www.maclife.comIntego Discovers New OSX/Crisis Mac Trojan, But Don't Panic Just Yethttp://www.maclife.com/article/news/intego_discovers_new_osxcrisis_mac_trojan_dont_panic_just_yet
<!--paging_filter--><p><img src="/files/u220903/intego__you_200px.png" alt="Intego + You" width="200" height="150" class="graphic-right" />Just hours ahead of Wednesday's release of OS X Mountain Lion, a new Mac trojan has been discovered -- and you'll have good reason to upgrade, since the dormant OSX/Crisis only runs on Snow Leopard or OS X Lion.<br /><br /><a href="http://www.intego.com/mac-security-blog/new-apple-mac-trojan-called-osxcrisis-discovered-by-intego-virus-team/" target="_blank">Intego has sounded an alarm with a new security memo on Tuesday</a>, detailing a new Mac trojan called "OSX/Crisis" which its virus team has discovered. And on paper at least, it's a troublesome one, installing silently without a password.<br /><br />For now, the risk of being affected by the OSX/Crisis malware is quite low -- Intego notes that it hasn't actually been found in the wild yet. However, the Trojan dropper "exhibits some anti-analysis and stealthing techniques that are uncommon among OS X malware."<br /><br />"This threat works only in OSX versions 10.6 and 10.7 -- Snow Leopard and Lion," Intego notes on its blog. "It installs without need of any user interaction; no password is required for it to run. The Trojan preserves itself against reboots, so it will continue to run until it’s removed. Depending on whether or not the dropper runs on a user account with root permissions, it will install different components. It remains to be seen if or how this threat is installed on a user's system; it may be that an installer component will try to establish root permissions."<br /><br />That sounds pretty scary, but Intego is already on the case, pushing an update to its VirusBarrier X6 software so users will be protected from OSX/Crisis. Meanwhile, the company's virus team continues to analyze any potential threat from the malware, so we'll be sure to update MacLife.com readers should the situation change.<br /><br /><em>Follow this article’s author, <a href="http://www.twitter.com/JRBTempe" target="_blank">J.R. Bookwalter on Twitter</a></em></p><p>&nbsp;</p>http://www.maclife.com/article/news/intego_discovers_new_osxcrisis_mac_trojan_dont_panic_just_yet#commentsNewsdiscoveryIntegoMac OS X 10.6malwareOS X LionOSX/CrisisSnow LeopardthreattrojanVirusBarrier X6MacTue, 24 Jul 2012 22:46:50 +0000J.R. Bookwalter14633 at http://www.maclife.comThe 10 Hottest Apple News Stories, The Week of April 6thhttp://www.maclife.com/article/gallery/10_hottest_apple_news_stories_week_april_6th
<!--paging_filter-->http://www.maclife.com/article/gallery/10_hottest_apple_news_stories_week_april_6th#commentsGalleryairplayApp StoreAppsEasterFileMaker GoFlashbackflashback trojanInfographiciPad 3Javakeynotemalwaremobile phonesnew ipadretina displaysparrowstreamingStreaming mediatrojanWi-FiSat, 07 Apr 2012 00:30:00 +0000J Keirn-Swanson13762 at http://www.maclife.comHow to Protect Your Mac from Java-based Malwarehttp://www.maclife.com/article/howtos/how_protect_your_mac_javabased_malware
<!--paging_filter--><p><img src="/files/u12635/java_teaser.png" width="150" height="150" class="graphic-right" />Apple malware: it's everywhere you don't want it to be, like in your computer. Or your browser. Malware usually has something to do with Java and Java applet-based applications. This week's latest Apple malware scare is no different. Over the past few days, there have been numerous reports about the <a href="http://support.apple.com/kb/DL1515?viewlocale=en_US&amp;locale=en_US" target="_blank"> Flashback.K</a>, Flashback.K, a Mac trojan that exploits a critical Java vulnerability.<br /><br />A trojan is a piece of malware that pretends to be a trusted piece of software to get you to click and install it. In this case, Flashback.K pretends to be an official Adobe Flash Player updater, and exploits a vulnerability in Java called <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0507" target="_blank">CVE-2012-0507</a>.<br /><br />Luckily, there are a few ways to protect yourself and your Mac from getting this piece of Java malware installed on your system. Continue reading to learn how.<br /><br /></p><h3>How to Safely Browse and Download the Right Files</h3><p><a class="thickbox" href="http://www.maclife.com/files/u12635/malware_1.png"><img src="http://www.maclife.com/files/u12635/malware_1.png" width="620" height="478" class="thickbox" /></a></p><p>The first step to avoid getting malware on any system is to be careful when you’re surfing the web and downloading applications. Check out our article on <a href="http://www.maclife.com/article/howtos/how_safely_browse_web" target="_blank">how to safely browse the web</a> to learn how to avoid malicious websites.</p><h3>Disable Java in Mac OS X</h3><p><img src="http://www.maclife.com/files/u12635/no_java_large.png" width="200" height="145" class="graphic-right" />Java applications are inherently different than other applications on your Mac. Unlike traditional applications that are "compiled" by the software author and can only be run on specifically designed architectures, Java apps can run on any system with a JRE (Java Runtime Environment). This means that a piece of Java malware can affect Windows, Linux, and Mac systems. <br /><br />Because Apple supplies the Java updates for the Mac, however, some of the updates to fix these vulnerabilities come in later than their Windows and Linux counterparts, making the Mac more susceptible to these issues. The point is: just because you have the latest version of the JRE on your Mac doesn’t mean you’re protected and without any vulnerability. <br /><br />With Mac OS X Lion (10.7), Apple stopped distributing JRE with OS X. If you installed Lion from scratch and haven’t installed the JRE from within Software Update, then you’re protected. However, if you have a JRE on your system, you can disable it to be protected from Java applications being run on your Mac.</p><p><a class="thickbox" href="/files/u12635/java_1.png"><img src="/files/u12635/java_1.png" width="620" height="492" class="thickbox" /></a><br />To turn off the JRE, navigate to Application &gt; Utilities &gt; Java Preferences. On the General tab, uncheck the “Enable applet plug-in and Web Start applications,” and then uncheck the “On” box for Java SE X (where X is the version of the JRE).</p><p><a class="thickbox" href="/files/u12635/java_2.png"><img src="/files/u12635/java_2.png" width="620" height="492" class="thickbox" /></a><br />While you’re here, you can check which applications currently have access to run without prompting you beforehand by clicking on the Security tab. If you see an application you didn’t allow, click it, and then click on the minus (-) button at the bottom of the screen to remove it from this list, keeping it from running without prompting you.</p><h3>Disable Java in your browser</h3><p>The last way to protect yourself is to disable Java applets from running within your web browser. We’ve already disabled the Java system, but just to be on the safe side, you should disable Java in Firefox, Safari, or Chrome. Click here to learn more about <a href="http://www.maclife.com/article/howtos/how_disable_java_your_mac_web_browser" target="_blank">disabling Java within your favorite browser</a>. <br /><em><br />Cory Bohon is a freelance technology writer, indie Mac and iOS developer, and amateur photographer. Follow this article's author, <a href="http://twitter.com/coryb/" target="_blank">Cory Bohon on Twitter</a>.</em></p>http://www.maclife.com/article/howtos/how_protect_your_mac_javabased_malware#commentsAdobe Flashanti-virusdisableFlashbackFlashback.KJavaJava appletMacmalwaretrojanVirusMacHow-TosWed, 04 Apr 2012 18:32:26 +0000Cory Bohon13726 at http://www.maclife.comVariant of Boonana Virus Found on the Machttp://www.maclife.com/article/news/variant_boonana_virus_found_mac
<!--paging_filter--><p><img src="http://www.maclife.com/files/u12635/virus_removal_screen_securemac.jpg" width="380" height="189" /></p><p>For the second time in just over a week, a second virus has been found on the Mac. Trojan.osx.boonana.b is a variant of the malware that was discovered last week called <a href="../../article/news/securemac_releases_new_information_about_boonana_trojan_virus" target="_blank">Boonana</a>. While SecureMac notes the malware appears similar to the Koobface virus that struck Windows in 2008, it is not the same. Rather, Boonana appears to be unique.</p><p>The <a href="http://www.securemac.com/boonana-b-bulletin.php" target="_blank">SecureMac bulletin</a> noted, "The new variant, trojan.osx.boonana.b, behaves in a very similar manner to the original malware, and is currently being distributed on multiple sites. In addition to the website documented by ESET as currently distributing the malware, SecureMac has identified two more websites that are currently hosting the new malware variant. Rather than the initial site which tricks users into running (and installing) the malware, these servers seem to be hosting update code for the malware. The infected machines contact these servers looking for updates to the malware payload. At the time of analysis (November 2nd, 2010), these servers were live, and distributing malware."</p><p>In addition to SecureMac, <a href="http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AJava%2FBoonana" target="_blank">Microsoft</a> has also identified this virus as a critical threat for both Macs and PCs in their Malware Protection Center.</p><p>As <a href="http://www.maclife.com/article/news/securemac_releases_new_information_about_boonana_trojan_virus" target="_blank">previously reported</a> here on <em>Mac|Life</em>, the virus is a Java-based application that runs in the web browser and gets around administrator password entry before begin run. This means that the virus has the ability to install itself without your knowledge.</p><p>You can protect yourself by <a href="http://www.maclife.com/article/howtos/how_disable_java_your_mac_web_browser" target="_blank">disabiling Java</a> in your Mac web browser of choice; and, if you believe your Mac is infected, you can download and run a free removal tool from the SecureMac website.</p><p>As always, stay tuned to <em>Mac|Life</em> for more information on the Boonana virus.</p><p>&nbsp;</p><p><em>Follow this article's author, <a href="http://twitter.com/coryb" target="_blank">Cory Bohon on Twitter</a></em>.</p><p>&nbsp;</p><p>&nbsp;</p>http://www.maclife.com/article/news/variant_boonana_virus_found_mac#commentsNewsApple Inc.MacSecure MactrojanTrojan horseVariantVirusMacThu, 04 Nov 2010 16:32:14 +0000Cory Bohon8834 at http://www.maclife.comHow To Disable Java in your Mac Web Browserhttp://www.maclife.com/article/howtos/how_disable_java_your_mac_web_browser
<!--paging_filter--><p><img src="/files/u12635/no_java_large.png" width="380" height="275" /><br /> <br /> With the announcement of a potentially harmful <a href="http://www.maclife.com/article/news/securemac_releases_new_information_about_boonana_trojan_virus" target="_blank">virus</a> floating about the internet this week, many Mac users have been weary of watching online videos via links to external sites, especially those on social networking websites like Facebook. However, this virus can be all but stopped by simply turning off Java code execution in your web browser of choice, according to <a href="http://www.securemac.com/boonana-bulletin.php" target="_blank">SecureMac</a>. That’s why we would like to show you how easy it can be to protect yourself from Java-based viruses originating from your web browser through applets. <br /> <br /></p><h2>Disabling Java Execution in Safari</h2><p>&nbsp;</p><p><a class="thickbox" href="/files/u12635/disable_java_safari_large.png"><img src="/files/u12635/disable_java_safari_large.png" width="380" height="299" class="thickbox" /></a><br />Apple makes it extremely easy to turn off Java code execution in Safari. Simply head over to Safari &gt; Preferences and click on the Security tab. From here, locate the checkbox labeled “Enable Java” under the Web Content section. Uncheck that box. &nbsp;</p><p>&nbsp;</p><p>&nbsp;</p><h2>Disabling Java Execution in Chrome</h2><p>&nbsp;</p><p><strong><a class="thickbox" href="/files/u12635/disable_java_chrome_large.png"><img src="/files/u12635/disable_java_chrome_large.png" width="380" height="263" class="thickbox" /></a><br /></strong></p><p>Google also makes disabling Java in Chrome relatively easy. To start, open Chrome and navigate to “about:plugins”. From this page listing all of your installed plugins, locate the plugin called “Java” with a description of “Java Plug-In 2 for NPAPI Browsers.” Underneath the plugin listing, click the Disable link to have the Java functionality in Chrome disabled.</p><p><br />When you do this, the settings will be saved and Java code execution from within Chrome will be disabled.</p><p>&nbsp;</p><p>&nbsp;</p><h2>Disabling Java Execution in Firefox</h2><p>&nbsp;</p><p><a class="thickbox" href="/files/u12635/disable_java_firefox_large.png"><img src="/files/u12635/disable_java_firefox_large.png" width="380" height="291" class="thickbox" /></a><br />Like Chrome, Firefox’s Java functionality is hidden in the plugins section. To disable Java in Firefox, navigate to Tools menu &gt; Add-ons &gt; Plugins tab. Once there, locate the plugin called Java Embedding Plugin. Click it, and then select the Disable button to have this functionality disabled. You may also have a plugin called Java Plug-In 2 for NPAPI Browsers; you can disable this plugin, too. <br /><br />There you have it, a way to turn off Java applet execution in three of the most popular browsers on the Mac. This should keep away the currently rampant Mac virus, but if you believe your Mac has been infected by the Mac virus, you should visit SecureMac to download a <a href="http://www.maclife.com/article/news/securemac_releases_new_information_about_boonana_trojan_virus" target="_blank">free virus removal tool</a> to check.</p><p>&nbsp;</p><p><em>Follow this article’s author, <a href="http://twitter.com/coryb" target="_blank">Cory Bohon</a></em><em><a href="http://twitter.com/coryb" target="_blank"> on Twitter</a>.</em><br /><br /></p><p>&nbsp;</p>http://www.maclife.com/article/howtos/how_disable_java_your_mac_web_browser#commentschromeFirefoxJavaMacMac How-TosSafariSecureMacSecuritythreattrojanTrojan horseVirusMacHow-TosFri, 29 Oct 2010 22:47:46 +0000Cory Bohon8764 at http://www.maclife.comSecurity Alert: New Trojan Horse on Mac OS X Spread Through Social Networkshttp://www.maclife.com/article/news/security_alert_new_trojan_horse_mac_os_x_spread_through_social_networks
<!--paging_filter--><p><img src="/files/u12635/macsecuritylock_large.png" width="380" height="222" /></p><p>It's not often that you hear of a virus for the Mac, but according to a <a href="http://www.securemac.com/boonana-bulletin.php" target="_blank"> Secure Mac security bulletin</a>, a new trojan virus has been detected on the Mac. The bulletin notes that the virus is spread through social networking websites like Facebook and is disguised as a video.</p><p>The trojan called "trojan.osx.boonana.a" has been wreaking havoc on both Windows and Mac platforms.</p><p>Secure Mac says, "When a user clicks the infected link, the trojan initially runs as a Java applet, which downloads other files to the computer, including an installer, which launches automatically. When run, the installer modifies system files to bypass the need for passwords, allowing outside access to all files on the system. Additionally, the trojan sets itself to run invisibly in the background at startup, and periodically checks in with command and control servers to report information on the infected system. While running, the trojan horse hijacks user accounts to spread itself further via spam messages. Users have reported the trojan is spreading through e-mail as well as social media sites."</p><p>This is a cross-platform virus due to the Java code that can be executed on both Windows and Mac operating systems. Secure Mac gives us some tips for protecting your computer from this virus. The first tip is to turn off Java execution in your web browser. You can do this in Safari by navigating to Safari &gt; Preferences &gt; Security Tab and unchecking the "Enable Java" checkbox.</p><p>Additional tips from Secure Mac includes:</p><p>1. Watch where you surf. By sticking with safe, well-known websites, you will be less likely to visit a site that will attempt to infect you with a trojan horse. Be especially careful when surfing to links included in messages on social media sites, even if they come from a friend.<br />2. Watch what you download. Download files only from trusted sources and safe sites.</p><p>3. Use security features in OS X. Turn on the built-in Firewall, and consider security software, especially when a computer is shared by multiple users.</p><p>If you believe your Mac is infected with this virus, you can download and run the free removal tool from Mac Scan on the <a href="http://www.securemac.com/boonana-bulletin.php" target="_blank">Secure Mac website</a>. You can also read more about this virus on that website.</p><p>&nbsp;</p><p><em>Follow this article's author, <a href="http://twitter.com/coryb" target="_blank">Cory Bohon on Twitter</a></em>.</p><p>&nbsp;</p><p>&nbsp;</p>http://www.maclife.com/article/news/security_alert_new_trojan_horse_mac_os_x_spread_through_social_networks#commentsNewscriticalMacSecuritytrojanVirusWed, 27 Oct 2010 18:45:05 +0000Cory Bohon8735 at http://www.maclife.comA Great Game...If You're About to Reformat Your Hard Drivehttp://www.maclife.com/article/news/great_gameif_youre_about_reformat_your_hard_drive
<!--paging_filter--><span style="font-size: 13px; font-family: Georgia" class="Apple-style-span"><div style="margin-top: 0px; margin-bottom: 0px"><span style="background-color: #ffffff; font-family: Georgia" class="Apple-style-span">The rules of the game are simple, as simple as the game's title Lose/Lose. Here's how creator Zach Gage describes the game: &quot;Each alien in the game is created based on a random file on the players computer. If the player kills the alien, the file it is based on is deleted. If the players ship is destroyed, the application itself is deleted.&quot; <br /><br />Posing as questioning our assumptions about our behavior when we &quot;are given a weapon an [sic] awarded for using it, that doing so is right, &quot; Gage's game also seeks to get users/viewers to think about what it means when we begin to prize our virtual possessions, our data, as much as if not more than actual physical possessions. Part meditation on virtual data, part philosophical tweaking on shooter game mentality, the game is considered plenty dangerous by many. </span></div><div style="margin-top: 0px; margin-bottom: 0px"> </div><div style="margin-top: 0px; margin-bottom: 0px"><span style="background-color: #ffffff; font-family: Georgia" class="Apple-style-span"><div><div><object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" width="300" height="500"><param name="width" value="300" /><param name="height" value="500" /><param name="src" value="http://vimeo.com/moogaloop.swf?clip_id=6569275&amp;server=vimeo.com&amp;show_title=1&amp;show_byline=1&amp;show_portrait=0&amp;color=ffffff&amp;fullscreen=1" /><param name="allowfullscreen" value="true" /><param name="allowscriptaccess" value="always" /><embed type="application/x-shockwave-flash" width="300" height="500" src="http://vimeo.com/moogaloop.swf?clip_id=6569275&amp;server=vimeo.com&amp;show_title=1&amp;show_byline=1&amp;show_portrait=0&amp;color=ffffff&amp;fullscreen=1" allowfullscreen="true" allowscriptaccess="always"></embed></object></div><p><a href="http://vimeo.com/6569275">lose/lose</a> from <a href="http://vimeo.com/user509791">zach gage</a> on <a href="http://vimeo.com">Vimeo</a>.</p></div><div><br />Even <a href="http://news.cnet.com/8301-27080_3-10391185-245.html">the creator reacts </a>that way: &quot;I'm surprised anyone has played it,&quot; Gage said. &quot;I'm shocked.&quot; <br /><br />While the game clearly spells out in multiple steps prior to installation and prior to playing what the game will do to your files and your hard drive, apparently there are people who are curious or dumb enough to install the game and play. Enough concern has been generated that the game has attracted the notice of Symantec, Sophos and Intego, who dub the game malware, <a href="http://www.tomshardware.com/news/Zach-Gage-Lose-Lose-Mac-Game,9005.html">each of them calling it a Trojan</a>. <br /><br />According to Kevin Haley, Symantec Security's director of product management, &quot;We are concerned that somebody could take this and modify it in some way where users aren't aware of the consequences.&quot; While we admit that that is technically possible, at that point the file in question isn't Gage's, nor can we see how the security firms came about their classification of Trojan. <br /><br />Now, having said all that, any takers? <a href="http://www.stfj.net/index2.php?project=art/2009/loselose">Who's up for a quick round?</a> Anyone? Anyone?</div><div> </div></span></div></span>http://www.maclife.com/article/news/great_gameif_youre_about_reformat_your_hard_drive#commentsNewsgamesmalwaretrojanGamesFri, 06 Nov 2009 03:40:14 +0000J Keirn-Swanson5222 at http://www.maclife.com